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and credit collection 



Summary of Invention Paragraph (4) : 

[0002] It is desirable for a computer operated under the control of a merchant to 
obtain information offered by a customer and transmitted by a computer operating under 
the control of the customer over a publicly accessible packet-switched network (e.g., 
the Internet) to the computer operating under the control of the merchant, without 
risking the exposure of the information to interception by third parties that have 
access to the network, and to assure that the information is from an authentic source. 
It is further desirable to have the ability for the merchant to transmit information, 
including a subset of the information provided by the customer, over such a network to 
a payment gateway computer system that is authorized, by a bank or other financial 
institution that has the responsibility of providing payment on behalf of the customer, 
to authorize a commercial transaction on behalf of such a financial institution^ 
without the risk of exposing that information to interception by third parties . Such 
institutions include, for example, financial institutions offering credit or debit card 
services . 

Summary of Invention Paragraph (6) : 

[0 004] Another such attempt to provide such a secure transmission channel is a 
general -purpose secure communication protocol such as Netscape, Inc. 's Secure Sockets 
Layer (hereinafter "SSL")/ as described in Freier, Karlton & Kocher (hereinafter 
"Freier"), The SSL Protocol Version 3.0, March 1996, and hereby incorporated by 
reference. SSL provides a means for secure transmission between two computers . SSL has 
the advantage that it does not require special-purpose software to be installed on the 
customer's computer because it is already incorporated into widely available software 
that many people utilize as their standard Internet access medium, and does not require 
that the customer interact with an y third-party certification authority. Instead, the 
support for SSL may be incorporated into software already in use by the customer, e.g. , 
the Netscape Navigator World Wide Web browsing tool. However, although a computer on an 
SSL connection may initiate a second SSL connection to another computer, a drawback to 
the SSL approach is each SSL connection supports only a two -computer connection. 
Therefore, SSL does not provide a mechanism for transmitting encoded information to a 
merchant for retransmission to a payment gateway such that a subset of the information 
is readable to the payment gateway but not to the merchant. Although SSL allows for 
robustly secure two-party data transmission, it does not meet the ultimate need of the 
electronic commerce market for robustly secure three-party data transmission. Other 
examples of general -purpose secure communication protocols inclu de Priva j tj e 
Commun i ca t i on s JT.ec hno 1 ogy ( "j? CT " ) from Microsoft, Inc., Secure Hyper-Text Transport 
Protocol ( " SHTTP" ) from Theresa Systems, Shen, Kerberos, Photuris, Pretty Good Privacy 
("PGP") and Ipv6 which meets the IPSEC criteria. One of ordinary skill in the art will 
readily comprehend that any of the general -purpose secure communication protocols can 
be substituted for the SSL transmission protocol without undue experimentation. 

Detail Description Paragraph (2 ) : 

[0023] A preferred embodiment of a system in accordance with the present invention is 
preferably practiced in the context of a personal computer such as the IBM PS/2, Apple 
Macintosh computer or UNIX based workstation. A representative hardware environment is 
depicted in FIG. 1A, which illustrates a typical hardware configuration of a 
workstation in accordance with a preferred embodiment having a central processing unit 
10, such as a microprocessor, and a number of other units interconnected via a system 
bus 12. The workstation shown in FIG. 1A includes a Random Access Memory (RAM) 14, Read 
Only Memory (ROM) 16, an I/O adapter 18 for connecting peripheral devices such as disk 
storage units 20 to the bus 12, a user interface adapter 22 for connecting a keyboard 
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24, a mouse 26, a speaker 28, a microphone 32, and/or other user interface devices such 
as a touch screen (not shown) to the bus 12, communication adapter 34 for connecting 
the workstation to a communication network (e.g., a data processing network) and a 
display adapter 36 for connecting the bus 12 to a display device 38. The workstation 
typically has resident thereon an operating system such as the Microsoft Windows 
Operating System (OS ) , the IBM OS/2 operating system, the MAC OS, or UNIX operating 
system . Those skilled in the art will appreciate that the present invention may also be 
implemented on platforms and operating systems other than those mentioned. 
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DOCUMENT -IDENTIFIER: US 5996076 A 

TITLE: System, method and article of manufacture for secure digital certification of 
electronic commerce 



Brief Summary Text (13) : 

It is desirable for a computer operated under the control of a merchant to obtain 
information offered by a customer and transmitted by a computer operating under the 
control of the customer over a publicly accessible packet -switched network (e.g., the 
Internet) to the computer operating under the control of the merchant, without risking 
the exposure of the information to interception by third parties that have access to 
the network, and to assure that the information is from an authentic source. It is 
further desirable for the merchant to transmit information, including a subset of the 
information provided by the customer, over such a network to a payment gateway computer 
system that is authorized, by a bank or other financial institution that has the 
responsibility of providing payment on behalf of the customer, to authorize a 
commercial transaction on behalf of such a financial institution, without the risk of 
exposing that information to interception by third parties . Such institutions include, 
for example, financial institutions offering credit or debit card services. 

Brief Summary Text (15) : 

Another such attempt to provide such a secure transmission channel is a general -purpose 
secure communication protocol such as Netscape, Inc. 's Secure Sockets Layer 
(hereinafter "SSL")/ as described in Freier, Karlton & Kocher (hereinafter "Freier"), 
The SSL Protocol Version 3.0, March 1996, and hereby incorporated by reference. SSL 
provides a means for secure transmission between two computers . SSL has the advantage 
that it does not require special-purpose software to be installed on the customer's 
computer because it is already incorporated into widely available software that many 
people utilize as their standard Internet access medium, and does not require that the 
customer interact with any third-party certification authority. Instead, the support 
for SSL may be incorporated into software already in use by the customer, e.g., the 
Netscape Navigator World Wide Web browsing tool. However, although a computer on an SSL 
connection may initiate a second SSL connection to another computer, a drawback to the 
SSL approach is each SSL connection supports only a two -computer connection. Therefore, 
SSL does not provide a mechanism for transmitting encoded information to a merchant for 
retransmission to a payment gateway such that a subset of the information is readable 
to the payment gateway but not to the merchant. Although SSL allows for robustly secure 
two-party data transmission, it does not meet the ultimate need of the electronic 
commerce market for robustly secure three-party data transmission. Other examples of 
general -purpose secure communication protocols include Private Communications 
Technology ("PCT") from Microsoft, Inc., Secure Hyper-Text Transport Protocol ("SHTTP") 
from Theresa Systems, Shen, Kerberos, Photuris, Pretty Good Privacy ("PGP") and Ipv6 
which meets the IPSEC criteria. One of ordinary skill in the art readily comprehends 
that any of the general -purpose secure communication protocols can be substituted for 
the SSL transmission protocol without undue experimentation. 

Detailed Description Text (2 ) : 

A preferred embodiment of a system in accordance with the present invention is 
preferably practiced in the context of a personal computer such as the IBM PS/2, Apple 
Macintosh computer or UNIX based workstation. A representative hardware environment is 
depicted in FIG. 1A, which illustrates a typical hardware configuration of a 
workstation in accordance with a preferred embodiment having a central processing unit 
10, such as a microprocessor, and a number of other units interconnected via a system 
bus 12. The workstation shown in FIG. 1A includes a Random Access Memory (RAM) 14, Read 
Only Memory (ROM) 16, an I/O adapter 18 for connecting peripheral devices such as disk 
storage units 20 to the bus 12, a user interface adapter 22 for connecting a keyboard 
24, a mouse 26, a speaker 28, a microphone 32, and/or other user interface devices such 
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as a touch screen (not shown) to the bus 12, communication adapter 34 for connecting 
the workstation to a communication network (e.g., a data processing network) and a 
display adapter 36 for connecting the bus 12 to a display device 38. The workstation 
typically has resident thereon an operating system such as the Microsoft Windows 
Operating System (OS ) , the IBM OS/2 operating system, the MAC OS, or UNIX operating 
system . Those skilled in the art appreciates that the present invention may also be 
implemented on platforms and operating systems other than those mentioned. 
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DOCUMENT- IDENTIFIER: US 6373950 Bl 

TITLE: System, method and article of manufacture for transmitting messages within 
messages utilizing an extensible, flexible architecture 

Abstract Text (1) : 

Secure transmission of data is provided between a plurality of computer systems over a 
public communication system, such as the Internet. Secure transmission of data is 
provided from a customer computer system to a merchant computer system, and for the 
further secure transmission of payment information regarding a payment instrument from 
the merchant computer system to a payment gateway computer system. The payment gateway 
system formats transaction information appropriately and transmits the transaction to 
the particular host legacy system. The host legacy system evaluates the payment 
information and returns a level of authorization of credit to the gateway which 
packages the information to form a secure transaction which is transmitted to the 
merchant which is in turn communicated to the customer by the merchant. The merchant 
can then determine whether to accept the payment instrument tendered or deny credit and 
require another payment instrument. An architecture that provides support for 
additional message types that are value-added extensions to the basic SET protocol, is 
provided by a preferred embodiment of the invention. The merchant can then determine 
whether to accept the payment instrument tendered or deny credit and require another 
payment instrument. An architecture that provides support for additional message types 
that are not SET compliant is provided by a preferred embodiment of the invention. An 
architecture for transmitting messages from a merchant -controlled computer system, such 
as a server, to an acquirer-controlled computer system, such as a gateway, is 
disclosed. The merchant-controlled computer system defines messages as text name-value 
pairs, and encrypts them using an encryption scheme such as PKCS-7. The encrypted 
name -value pairs are encoded into a text sequence using a text -encoding scheme such as 
Multipurpose Internet Mail Extensions encoding. The messages are transmitted to the 
acquirer-controlled computer as payload data in a transmission block. The messages may 
be used, for example, to command the acquirer-controlled computer to perform 
settlement/reconciliation, to notify the acquirer-controlled computer of a logon or 
logoff operation, or to request the acquirer-controlled computer to transmit its 
parameter values. 

Brief Summary Text (13) : 

It is desirable for a computer operated under the control of a merchant to obtain 
information offered by a customer and transmitted by a computer operating under the 
control of the customer over a publicly accessible packet-switched network (e.g., the 
Internet) to the computer operating under the control of the merchant, without risking 
the exposure of the information to interception by third parties that have access to 
the network, and to assure that the information is from an authentic source. It is 
further desirable for the merchant to transmit information, including a subset of the 
information provided by the customer, over such a network to a payment gateway computer 
system that is designated, by a bank or other financial institution that has the 
responsibility of providing payment on behalf of the customer, to authorize a 
commercial transaction on behalf of such a financial institution, without the risk of 
exposing that information to interception by third parties . Such institutions include, 
for example, financial institutions offering credit or debit card services. 

Brief Summary Text (15) : 

Another such attempt to provide such a secure transmission channel is a general -purpose 
secure communication protocol such as Netscape, Inc. 's Secure Sockets Layer 
(hereinafter "SSL")/ as described in Freier, Karlton & Kocher (hereinafter "Freier"), 
The SSL Protocol Version 3.0, March 1996, and hereby incorporated by reference. SSL 
provides a means for secure transmission between two computers . SSL has the advantage 
that it does not require special -purpose software to be installed on the customer's 



1 of 2 



1/15/03 4:59 PM 



Record Display Form http://westbrs : 8002/bin/gate.exe?f=doc&s . . .c^Bfep_doc_3=&p_doc_4=&p_doc_5 =&p_doc_6= 



computer because it is already incorporated into widely available software that many 
people utilize as their standard Internet access medium, and does not require that the 
customer interact with any third-party certification authority. Instead, the support 
for SSL may be incorporated into software already in use by the customer, e.g., the 
Netscape Navigator World Wide Web browsing tool. However, although a computer on an SSL 
connection may initiate a second SSL connection to another computer, a drawback to the 
SSL approach is each SSL connection supports only a two -computer connection. Therefore, 
SSL does not provide a mechanism for transmitting encoded information to a merchant for 
retransmission to a payment gateway such that a subset of the information is readable 
to the payment gateway but not to the merchant. Although SSL allows for robustly secure 
two-party data transmission, it does not meet the ultimate need of the electronic 
commerce market for robustly secure three-party data transmission. Other examples of 
general -purpose secure communication protocols include Private Communications 
Technology ("PCT") from Microsoft, Inc., Secure Hyper-Text Transport Protocol ( " SHTTP" ) 
from Terisa Systems, Shen, Kerberos, Photuris, Pretty Good Privacy ("PGP") which meets 
the IPSEC criteria. One of ordinary skill in the art readily comprehends that any of 
the general -purpose secure communication protocols can be substituted for the SSL 
transmission protocol without undue experimentation. 

Detailed Description Text (2 ) : 

A preferred embodiment of a system in accordance with the present invention is 
preferably practiced in the context of a personal computer such as the IBM PS/2, Apple 
Macintosh computer or UNIX based workstation. A representative hardware environment is 
depicted in FIG. 1A, which illustrates a typical hardware configuration of a 
workstation in accordance with a preferred embodiment having a central processing unit 
10, such as a microprocessor, and a number of other units interconnected via a system 
bus 12. The workstation shown in FIG. 1A includes a Random Access Memory (RAM) 14, Read 
Only Memory (ROM) 16, an I/O adapter 18 for connecting peripheral devices such as disk 
storage units 2 0 to the bus 12, a user interface adapter 22 for connecting a keyboard 
24, a mouse 26, a speaker 28, a microphone 32, and/or other user interface devices such 
as a touch screen (not shown) to the bus 12, communication adapter 34 for connecting 
the workstation to a communication network (e.g., a data processing network) and a 
display adapter 36 for connecting the bus 12 to a display device 38. The workstation 
typically has resident thereon an operating system such as the Microsoft Windows NT or 
Windows/ 95 Operating System (OS ) , the IBM OS/2 operating system, the MAC OS, or UNIX 
operating system . Those skilled in the art will appreciate that the present invention 
may also be implemented on platforms and operating systems other, than those mentioned. 
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